@wxcafe I'm having a massive deja-vu right now. Wasn't there some other exploit around the UID that was possible in the last year and a half or so?
@spacekookie @wxcafe That bug was that services with an invalid USER= setting (e.g. with a username that started with a digit) still got started, but as root (https://github.com/systemd/systemd/issues/6237).
This one is a straight bug in polkit. I don't think there is anything that systemd can do, other than to stop using polkit entirely.
@wxcafe y'avais déjà eu un truc du genre je crois :D :D :D
@wxcafe mais omg comment ça se fait que personne l'a vu avant ?
@wxcafe You could say it's a feature: special user INT_MAX, for all your system management, without superuser powers...
@wxcafe Is INT_MAX 0xFFFFFFFF or 0x7FFFFFFF?